 <?php 

$username = $_POST['username'];

$password = $_POST['password'];



include("opendb.php");

include("functions.php");

//$res = isValidUser($username,$password);

//if($res!=1) {

//echo "0";

//exit;

//}



$listingid = $_POST['listing_id'];
$ListingID = '185376';




$query = "select * from Users where Username='".$username."'";

$result = mysql_query($query) or die ("SQL Error".mysql_error());

$row=mysql_fetch_assoc($result);

$userid = $row['ID'];

$xmlout = "<IMAGES>\n\t";

$lquery = "select * from Listing_Images where Listing_ID = '".$ListingID."' and Type='IMAGE'";
$lresult = mysql_query($lquery) or die ("SQL Error".mysql_error());
if(mysql_num_rows($lresult) == 0)
{
}
else
{
	$i=1;
	while($lrow=mysql_fetch_assoc($lresult))			
	{

		$xmlout.= "<IMAGE-".$i.">http://opendls.com/listing_images/t_".$lrow['Path']."</IMAGE-".$i.">\n\t\t";
		$i++;
	}
}


		
$xmlout .= "</IMAGES>\n\t";
		echo $xmlout;

?>